Elsewhere in the US, some states have passed legislation limiting the use of biometrics which means that even on home soil Clearview is facing legal challenges to scaling use of its anti-privacy technology.Now, some of those critics fear that codifying Clearview’s work with a patent will accelerate the growth of these technologies before legislators or regulators have fully addressed the potential dangers. So limits on Clearview’s ability to scale internationally keep expanding, even as (some) US-based law enforcement agencies continue to tap in. (Although a recent report in the The Washington Post suggests it has been pitching investors on a massive expansion of its business which could include selling ID-matching services to the private sector, such as by targeting financial services or gig economy platforms.)ĭespite reportedly bullish talk to its own investors of international expansion, the controversial facial recognition company has been hit with privacy sanctions around the world - from Canada to Australia.
Certainly on the public sector side - and law enforcement remains a primary target for its ID-matching tech. So each prohibition Clearview racks up in an EU market shrinks its potential customer base. That said, DPAs can always go after any local entities foolish enough to become customers of the sanctioned entity - as Sweden’s watchdog did last year, fining a local police force for what it said was unlawful use of Clearview’s facial recognition software. While the EU’s GDPR does - on paper - have extraterritorial reach, meaning it applies outside bloc to anyone processing EU people’s data, enforcing against foreign entities that don’t have any local establishments or executives to serve sanctions on can make for hard practical limits on the law’s reach. But the lack of an EU-based Clearview entity makes it a lot harder for Italy to collect a fine. In a press release announcing the sanction the Garante also noted that it has ordered Clearvew to designate a representative in the EU “in order to facilitate exercise of data subject rights” - another legal requirement under EU law which it found the company had not fulfilled. “The decision was notified to the company yesterday, and the company will have to inform the Authority as to the steps it is undertaking in order to comply with the decision or else to challenge it - including applicability of the GDPR and the relevant measures,” a spokesman for the DPA told us. However, whether Italy will be able to collect the €20M penalty from Clearview, a US-based entity, is one rather salient question. In December France’s CNIL also ordered Clearview to cease processing citizens’ data and gave it two months to delete any data it held but did not mention a financial sanction. It’s the strongest enforcement yet from a European privacy watchdog, with the UK’s ICO warning back in November of a possible fine when it also ordered Clearview to stop processing data. My intentions and those of my company have always been to help communities and their people to live better, safer lives. I am heartbroken by the misinterpretation by some in Italy, where we do no business, of Clearview AI’s technology to society. We only collect public data from the open internet and comply with all standards of privacy and law. Clearview AI does not have a place of business in Italy or the EU, it does not have any customers in Italy or the EU, and does not undertake any activities that would otherwise mean it is subject to the GDPR.
0 kommentar(er)
